Baserow
v1.0.3Baserow integration. Manage Workspaces, Users, Roles. Use when the user wants to interact with Baserow data.
⭐ 0· 209·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description and runtime instructions align: the skill is a Baserow integration that uses the Membrane CLI to manage workspaces, users, roles, and raw API proxying. There are no unexpected environment variables, binaries, or config paths requested.
Instruction Scope
SKILL.md keeps instructions within the integration scope (install CLI, login, create/inspect connections, run actions, or proxy to Baserow). It does instruct the agent/user to open a browser for authentication or complete a headless login flow. Important privacy note: proxying with `membrane request` sends requests via Membrane and therefore transmits request/response data to Membrane's service — this is expected but worth reviewing.
Install Mechanism
No formal install spec in registry (instruction-only). The doc asks users to run `npm install -g @membranehq/cli` — a public npm global install. This is a standard but moderately privileged install (global npm packages can run install scripts). Verify the package identity and trustworthiness before installing and consider installing in an isolated environment if concerned.
Credentials
The skill declares no required env vars or credentials and explicitly advises against asking users for API keys (use Membrane connections instead). It does require a Membrane account and network access, which are proportional to the described functionality.
Persistence & Privilege
The skill is not always-enabled and does not request persistent system-level privileges. It does not modify other skills or system-wide agent settings and relies on user-invoked CLI commands; autonomous invocation is allowed by platform default but is not accompanied by other red flags.
Assessment
This skill appears to do what it says: it uses the Membrane CLI to access Baserow and asks you to install @membranehq/cli and sign in with a Membrane account. Before installing or using it: 1) confirm the @membranehq/cli package and the Membrane service (getmembrane.com / the GitHub repo) are the official/trusted sources; 2) understand that requests and data will be proxied through Membrane's servers (check their privacy/security docs and permissions for the connector); 3) prefer installing the CLI in a contained environment (container or VM) if you are wary of global npm installs, and run `npm audit`/inspect package source; and 4) if you need to avoid third-party transit of sensitive data, do not use the proxy path — instead use a direct, vetted integration that you control.Like a lobster shell, security has layers — review code before you run it.
latestvk97a72ypqrjdvrxavpnz9gy0xn843dbw
License
MIT-0
Free to use, modify, and redistribute. No attribution required.